1. Field of the Invention
This invention relates to the field of data processing systems. More particularly, this invention relates to data processing systems having a plurality of hardware modes of operation and the control of memory access in dependence upon a current hardware mode.
2. Description of the Prior Art
It is known to provide data processing systems in which the processor has a plurality of hardware modes of operation. For example, the processor may operate in hardware modes including a privileged mode and a user mode. There may also be further hardware modes for other purposes. The privileged mode will normally be used for more trusted program code, such as an operating system kernel, and will have access to more areas of memory than when the processor is operating in the user mode. The user mode will typically be used for less trusted programs, such as application programs. In this way, malicious or accidental access from a program to predetermined areas of memory may be prevented by using a memory management unit or a memory protection unit sensitive to the current mode of operation of the processor and which prevents access to the predetermined areas of memory if the processor is not in the privileged mode. The model within such systems is that the privileged mode of operation has access to more of the system resources, e.g. areas within the memory, than the user mode.
One type of malicious security attack, or unfortunate erroneous operation, which can occur is that the system is inappropriately made to execute program instructions stored within areas of memory that are writeable in the user mode while executing in the privileged mode. In this way, as one example, a person may write malicious program instructions into areas of the memory which are accessible in the user mode and then switch the processor into the privileged mode where access to secure regions of the memory may be made while executing the malicious program instructions read from the memory area accessible in the user mode.